mirror of
https://github.com/pgpainless/pgpainless.git
synced 2024-12-27 13:28:00 +01:00
Split KeyFlagSelectionStrategies up into Has{Any|All}KeyFlagsSelectionStrategy
This commit is contained in:
parent
83362816d0
commit
c89558a01b
6 changed files with 126 additions and 25 deletions
|
@ -441,6 +441,12 @@ public class EncryptionBuilder implements EncryptionBuilderInterface {
|
|||
new EncryptionKeySelectionStrategy(flags));
|
||||
}
|
||||
|
||||
SecretKeySelectionStrategy signingKeySelector() {
|
||||
return new And.SecKeySelectionStrategy(
|
||||
new NoRevocation.SecKeySelectionStrategy(),
|
||||
new SignatureKeySelectionStrategy());
|
||||
}
|
||||
|
||||
private static KeyFlag[] mapPurposeToKeyFlags(EncryptionStream.Purpose purpose) {
|
||||
KeyFlag[] flags;
|
||||
switch (purpose) {
|
||||
|
@ -458,10 +464,4 @@ public class EncryptionBuilder implements EncryptionBuilderInterface {
|
|||
}
|
||||
return flags;
|
||||
}
|
||||
|
||||
SecretKeySelectionStrategy signingKeySelector() {
|
||||
return new And.SecKeySelectionStrategy(
|
||||
new NoRevocation.SecKeySelectionStrategy(),
|
||||
new SignatureKeySelectionStrategy());
|
||||
}
|
||||
}
|
||||
|
|
|
@ -15,6 +15,8 @@
|
|||
*/
|
||||
package org.pgpainless.key.selection.key.impl;
|
||||
|
||||
import java.util.logging.Level;
|
||||
import java.util.logging.Logger;
|
||||
import javax.annotation.Nonnull;
|
||||
|
||||
import org.bouncycastle.openpgp.PGPPublicKey;
|
||||
|
@ -26,14 +28,26 @@ import org.pgpainless.key.selection.key.PublicKeySelectionStrategy;
|
|||
*/
|
||||
public class EncryptionKeySelectionStrategy extends PublicKeySelectionStrategy {
|
||||
|
||||
private final HasKeyFlagSelectionStrategy.PublicKey keyFlagSelector;
|
||||
public static final Logger LOGGER = Logger.getLogger(EncryptionKeySelectionStrategy.class.getName());
|
||||
|
||||
private final HasAnyKeyFlagSelectionStrategy.PublicKey keyFlagSelector;
|
||||
|
||||
public EncryptionKeySelectionStrategy(KeyFlag... flags) {
|
||||
this.keyFlagSelector = new HasKeyFlagSelectionStrategy.PublicKey(flags);
|
||||
this.keyFlagSelector = new HasAnyKeyFlagSelectionStrategy.PublicKey(flags);
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean accept(@Nonnull PGPPublicKey key) {
|
||||
return key.isEncryptionKey() && keyFlagSelector.accept(key);
|
||||
boolean isEncryptionKey = key.isEncryptionKey();
|
||||
boolean hasAppropriateKeyFlags = keyFlagSelector.accept(key);
|
||||
|
||||
if (!isEncryptionKey) {
|
||||
LOGGER.log(Level.FINE, "Key algorithm is not suitable of encryption.");
|
||||
}
|
||||
if (!hasAppropriateKeyFlags) {
|
||||
LOGGER.log(Level.FINE, "Key " + Long.toHexString(key.getKeyID()) + " does not carry ");
|
||||
}
|
||||
|
||||
return isEncryptionKey && hasAppropriateKeyFlags;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -24,7 +24,10 @@ import org.pgpainless.algorithm.KeyFlag;
|
|||
import org.pgpainless.key.selection.key.PublicKeySelectionStrategy;
|
||||
import org.pgpainless.key.selection.key.SecretKeySelectionStrategy;
|
||||
|
||||
public class HasKeyFlagSelectionStrategy {
|
||||
/**
|
||||
* Selection Strategy that accepts a key if it carries all of the specified key flags.
|
||||
*/
|
||||
public class HasAllKeyFlagSelectionStrategy {
|
||||
|
||||
public static class PublicKey extends PublicKeySelectionStrategy {
|
||||
|
|
@ -0,0 +1,71 @@
|
|||
/*
|
||||
* Copyright 2021 Paul Schaub.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.pgpainless.key.selection.key.impl;
|
||||
|
||||
import java.util.Iterator;
|
||||
|
||||
import org.bouncycastle.openpgp.PGPPublicKey;
|
||||
import org.bouncycastle.openpgp.PGPSecretKey;
|
||||
import org.bouncycastle.openpgp.PGPSignature;
|
||||
import org.pgpainless.algorithm.KeyFlag;
|
||||
import org.pgpainless.key.selection.key.PublicKeySelectionStrategy;
|
||||
import org.pgpainless.key.selection.key.SecretKeySelectionStrategy;
|
||||
|
||||
/**
|
||||
* Selection Strategies that accept a key if it carries at least one of the given key flags.
|
||||
*/
|
||||
public class HasAnyKeyFlagSelectionStrategy {
|
||||
|
||||
public static class PublicKey extends PublicKeySelectionStrategy {
|
||||
|
||||
private final int keyFlagMask;
|
||||
|
||||
public PublicKey(KeyFlag... flags) {
|
||||
this(KeyFlag.toBitmask(flags));
|
||||
}
|
||||
|
||||
public PublicKey(int mask) {
|
||||
this.keyFlagMask = mask;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean accept(PGPPublicKey key) {
|
||||
Iterator<PGPSignature> signatures = key.getSignatures();
|
||||
int flags = signatures.next().getHashedSubPackets().getKeyFlags();
|
||||
return (keyFlagMask & flags) != 0;
|
||||
}
|
||||
}
|
||||
|
||||
public static class SecretKey extends SecretKeySelectionStrategy {
|
||||
|
||||
private final int keyFlagMask;
|
||||
|
||||
public SecretKey(KeyFlag... flags) {
|
||||
this(KeyFlag.toBitmask(flags));
|
||||
}
|
||||
|
||||
public SecretKey(int mask) {
|
||||
this.keyFlagMask = mask;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean accept(PGPSecretKey key) {
|
||||
Iterator<PGPSignature> signatures = key.getPublicKey().getSignatures();
|
||||
int flags = signatures.next().getHashedSubPackets().getKeyFlags();
|
||||
return (keyFlagMask & flags) != 0;
|
||||
}
|
||||
}
|
||||
}
|
|
@ -34,9 +34,10 @@ import org.pgpainless.key.generation.type.KeyType;
|
|||
import org.pgpainless.key.generation.type.ecc.EllipticCurve;
|
||||
import org.pgpainless.key.generation.type.eddsa.EdDSACurve;
|
||||
import org.pgpainless.key.generation.type.xdh.XDHCurve;
|
||||
import org.pgpainless.key.selection.key.impl.HasKeyFlagSelectionStrategy;
|
||||
import org.pgpainless.key.selection.key.impl.HasAllKeyFlagSelectionStrategy;
|
||||
import org.pgpainless.key.selection.key.impl.HasAnyKeyFlagSelectionStrategy;
|
||||
|
||||
public class HasKeyFlagsSelectionStrategyTest {
|
||||
public class KeyFlagBasedSelectionStrategyTest {
|
||||
|
||||
@Test
|
||||
public void testKeyFlagSelectors() throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException {
|
||||
|
@ -61,12 +62,14 @@ public class HasKeyFlagsSelectionStrategyTest {
|
|||
// ENCRYPT_COMMS
|
||||
PGPSecretKey s_encryptionKey = iterator.next();
|
||||
|
||||
HasKeyFlagSelectionStrategy.SecretKey s_certifyOther =
|
||||
new HasKeyFlagSelectionStrategy.SecretKey(KeyFlag.CERTIFY_OTHER);
|
||||
HasKeyFlagSelectionStrategy.SecretKey s_encryptComms =
|
||||
new HasKeyFlagSelectionStrategy.SecretKey(KeyFlag.ENCRYPT_COMMS);
|
||||
HasKeyFlagSelectionStrategy.SecretKey s_encryptCommsEncryptStorage =
|
||||
new HasKeyFlagSelectionStrategy.SecretKey(KeyFlag.ENCRYPT_COMMS, KeyFlag.ENCRYPT_STORAGE);
|
||||
HasAllKeyFlagSelectionStrategy.SecretKey s_certifyOther =
|
||||
new HasAllKeyFlagSelectionStrategy.SecretKey(KeyFlag.CERTIFY_OTHER);
|
||||
HasAllKeyFlagSelectionStrategy.SecretKey s_encryptComms =
|
||||
new HasAllKeyFlagSelectionStrategy.SecretKey(KeyFlag.ENCRYPT_COMMS);
|
||||
HasAllKeyFlagSelectionStrategy.SecretKey s_encryptCommsEncryptStorage =
|
||||
new HasAllKeyFlagSelectionStrategy.SecretKey(KeyFlag.ENCRYPT_COMMS, KeyFlag.ENCRYPT_STORAGE);
|
||||
HasAnyKeyFlagSelectionStrategy.SecretKey s_anyEncryptCommsEncryptStorage =
|
||||
new HasAnyKeyFlagSelectionStrategy.SecretKey(KeyFlag.ENCRYPT_COMMS, KeyFlag.ENCRYPT_STORAGE);
|
||||
|
||||
assertTrue(s_certifyOther.accept(s_primaryKey));
|
||||
assertFalse(s_certifyOther.accept(s_encryptionKey));
|
||||
|
@ -81,16 +84,22 @@ public class HasKeyFlagsSelectionStrategyTest {
|
|||
assertFalse(s_encryptCommsEncryptStorage.accept(s_primaryKey));
|
||||
assertFalse(s_encryptCommsEncryptStorage.accept(s_signingKey));
|
||||
|
||||
assertTrue(s_anyEncryptCommsEncryptStorage.accept(s_encryptionKey));
|
||||
assertFalse(s_anyEncryptCommsEncryptStorage.accept(s_primaryKey));
|
||||
assertFalse(s_anyEncryptCommsEncryptStorage.accept(s_signingKey));
|
||||
|
||||
PGPPublicKey p_primaryKey = s_primaryKey.getPublicKey();
|
||||
PGPPublicKey p_encryptionKey = s_encryptionKey.getPublicKey();
|
||||
PGPPublicKey p_signingKey = s_signingKey.getPublicKey();
|
||||
|
||||
HasKeyFlagSelectionStrategy.PublicKey p_certifyOther =
|
||||
new HasKeyFlagSelectionStrategy.PublicKey(KeyFlag.CERTIFY_OTHER);
|
||||
HasKeyFlagSelectionStrategy.PublicKey p_encryptComms =
|
||||
new HasKeyFlagSelectionStrategy.PublicKey(KeyFlag.ENCRYPT_COMMS);
|
||||
HasKeyFlagSelectionStrategy.PublicKey p_encryptCommsEncryptStorage =
|
||||
new HasKeyFlagSelectionStrategy.PublicKey(KeyFlag.ENCRYPT_COMMS, KeyFlag.ENCRYPT_STORAGE);
|
||||
HasAllKeyFlagSelectionStrategy.PublicKey p_certifyOther =
|
||||
new HasAllKeyFlagSelectionStrategy.PublicKey(KeyFlag.CERTIFY_OTHER);
|
||||
HasAllKeyFlagSelectionStrategy.PublicKey p_encryptComms =
|
||||
new HasAllKeyFlagSelectionStrategy.PublicKey(KeyFlag.ENCRYPT_COMMS);
|
||||
HasAllKeyFlagSelectionStrategy.PublicKey p_encryptCommsEncryptStorage =
|
||||
new HasAllKeyFlagSelectionStrategy.PublicKey(KeyFlag.ENCRYPT_COMMS, KeyFlag.ENCRYPT_STORAGE);
|
||||
HasAnyKeyFlagSelectionStrategy.PublicKey p_anyEncryptCommsEncryptStorage =
|
||||
new HasAnyKeyFlagSelectionStrategy.PublicKey(KeyFlag.ENCRYPT_COMMS, KeyFlag.ENCRYPT_STORAGE);
|
||||
|
||||
assertTrue(p_certifyOther.accept(p_primaryKey));
|
||||
assertFalse(p_certifyOther.accept(p_encryptionKey));
|
||||
|
@ -104,5 +113,9 @@ public class HasKeyFlagsSelectionStrategyTest {
|
|||
"Must not accept the key, as it only carries ENCRYPT_COMMS, but not ENCRYPT_STORAGE");
|
||||
assertFalse(p_encryptCommsEncryptStorage.accept(p_primaryKey));
|
||||
assertFalse(p_encryptCommsEncryptStorage.accept(p_signingKey));
|
||||
|
||||
assertTrue(p_anyEncryptCommsEncryptStorage.accept(p_encryptionKey));
|
||||
assertFalse(p_anyEncryptCommsEncryptStorage.accept(p_primaryKey));
|
||||
assertFalse(p_anyEncryptCommsEncryptStorage.accept(p_signingKey));
|
||||
}
|
||||
}
|
|
@ -56,6 +56,6 @@ public class TestEncryptCommsStorageFlagsDifferentiated {
|
|||
.onOutputStream(out);
|
||||
|
||||
// since the key does not carry the flag ENCRYPT_COMMS, it cannot be used by the stream.
|
||||
assertThrows(IllegalStateException.class, () -> builder.toRecipients(publicKeys));
|
||||
assertThrows(IllegalArgumentException.class, () -> builder.toRecipients(publicKeys));
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue